**Manage My Health Data Breach: Warning Issued as Fraudsters Attempt to Contact Customers**

Manage My Health, a patient portal service that allows customers to access their medical records online, has issued a warning to its users after discovering that fraudsters may be attempting to contact them in an attempt to steal sensitive information.

The breach occurred last year when cybercriminals hacked into the system and demanded thousands of dollars as a ransom, threatening to release the data on the dark web if their demands were not met. The hackers claimed to have accessed the records of over 120,000 New Zealanders, potentially exposing their medical details.

Manage My Health has confirmed that most of those affected by the breach have now received notification emails from the company, but warned that some people may be receiving spam or phishing emails that impersonate the organisation. The company has assured customers that these communications are not genuine and is urging them to exercise caution when responding to any suspicious messages.

"We're also aware that secondary actors may impersonate MMH and send spam or phishing emails to prompt engagement," a statement from Manage My Health said. "These communications are not from MMH. We're investigating steps to limit this activity and have included guidance below on how to protect yourself."

The company is working closely with the Office of the Privacy Commissioner, which has announced an inquiry into the privacy aspects of the breach. The investigation aims to determine whether any personal data was accessed or compromised during the hack.

Manage My Health emphasized that its priority is to continue notifying affected patients and ensuring they receive the necessary support. "We are progressing through the notifications, with most of affected patients having now received a notification email," the company said.

In light of the potential phishing attempts, Manage My Health has provided guidance on how to protect customers' sensitive information:

* **Be cautious of emails that ask for personal or medical details**: Manage My Health will never request your login credentials, medical history, or other sensitive information via email. * **Verify the sender's identity**: Check the email address and sender name to ensure it is a legitimate communication from Manage My Health. The company's official email address will always be in the format \[yourname]\@manage.myhealth.co.nz. * **Don't click on suspicious links or attachments**: Avoid opening emails with unfamiliar links or attachments, as they may contain malware that can compromise your device and data.

By following these guidelines, customers can help protect themselves from potential scams and phishing attempts related to the Manage My Health breach.